open_basedir restriction message

Overview

When attempting to access a file in PHP, the script will yield a warning similar to:

Warning: fopen(): open_basedir restriction in effect. File(/var/www/myresource) is not within the allowed path(s): 
(/home/virtual/site2/fst:/var/www/html:/usr/local:/usr/bin:/usr/sbin:/etc:/tmp:/proc:/dev:/.socket) in /home/virtual/site2/fst/var/www/html/myfile.php on line 3

Cause

This is caused by mistakenly referencing a path within a pivot root inconsistent with PHP. PHP runs with a separate filesystem visibility for high-throughput performance, whereas FTP and control panel access require low-throughput, but heightened security. PHP implements a different security subsystem and different access rights.

Solution

Prepend the HTTP Base Prefix value taken from the control panel under AccountSummaryWeb. For example, the following PHP snippet would be corrected as follows:

<?php
   // INCORRECT
   // Will yield open_basedir warning
   $key = file_get_contents("/var/www/secret.hash");
   // CORRECT
   $key = file_get_contents("/home/virtual/site12/fst/var/www/secret.hash");
?>

For convenience, the web server will populate an environment variable named SITE_ROOT that contains the value of HTTP Base Prefix. A better example would be:

<?php
   $key = file_get_contents($_SERVER['SITE_ROOT'] . "/var/www/secret.hash");
   // do whatever, $key works!
?>

Just don’t forget too that PHP requires special permissions for write access!

See Also

PHP: Writing to files

Leave a Reply